package com.crt.nexus.oauth.service;

import com.crt.nexus.security.authentication.ClientDetail;
import com.crt.nexus.security.domain.bean.ClientBean;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Slf4j
@Service
@RequiredArgsConstructor
public class ClientAuthorizationService {

    //    private final ClientDao clientDao;
    private final PasswordEncoder encoder;

    public ClientDetail getClientDetails(ClientBean clientBean) {
//        return clientDao.findEnabled(clientBean.getClientId()).map(client -> {
//            if (!encoder.matches(clientBean.getClientSecret(), client.getClientSecret())) {
//                throw new BadCredentialsException("无效的客户端或密钥");
//            }
//            if (!client.getAuthorizedGrantTypes().contains(clientBean.getGrantType())) {
//                throw new BadCredentialsException("无效的客户端授权类型");
//            }
        ClientDetail detail = new ClientDetail();
        detail.setId(1);
        detail.setClientId("nexus");
        detail.setResourceIds(null);
        detail.setClientSecret("{bcrypt}$2a$10$vCXMWCn7fDZWOcLnIEhmK.74dvK1Eh8ae2WrWlhr2ETPLoxQctN4.");
        detail.setScope("read,write");
        detail.setAuthorizedGrantTypes("password,refresh_token");
        detail.setAuthorities("client");
        detail.setAccessTokenValiditySeconds(432000);
        detail.setRefreshTokenValiditySeconds(864000);
        detail.setIsEnabled(true);
//            detail.setId(client.getId());
//            detail.setClientId(client.getClientId());
//            detail.setClientSecret(client.getClientSecret());
//            detail.setScope(client.getScope());
//            detail.setAuthorizedGrantTypes(client.getAuthorizedGrantTypes());
//            detail.setAuthorities(client.getAuthorities());
//            detail.setAccessTokenValiditySeconds(client.getAccessTokenValidity());
//            detail.setRefreshTokenValiditySeconds(client.getRefreshTokenValidity());
//            detail.setIsEnabled(client.getIsEnabled());
        return detail;
//        }).orElseThrow(() -> new BadCredentialsException("客户端不存在"));
    }

}
